Fixed failing gatk-nightly Docker builds. #5759
Conversation
…lt docker images rather than using the docker build machinery
|
https://travis-ci.com/broadinstitute/gatk/builds/103260089 for an example of a running cron job docker build (it uploaded to both repos correctly) |
Codecov Report
@@ Coverage Diff @@
## master #5759 +/- ##
===============================================
- Coverage 86.985% 86.982% -0.003%
+ Complexity 31864 31861 -3
===============================================
Files 1943 1943
Lines 146770 146768 -2
Branches 16223 16223
===============================================
- Hits 127668 127662 -6
- Misses 13190 13192 +2
- Partials 5912 5914 +2
|
.travis.yml
Outdated
| - if [[ $TRAVIS_BRANCH == master && $TRAVIS_EVENT_TYPE == cron && $UPLOAD == true ]]; then | ||
| docker login --username=$DOCKER_SERVICE_LOGIN --password=$DOCKER_SERVICE_PASS; | ||
| $GCLOUD_HOME/gcloud components -q update gsutil; | ||
| gsutil ls -l gs://gatk-nightly-builds | grep gatk | sort -r -k 2 | grep -o '\S\+$' | tail -n +11 | xargs -I {} gsutil rm {}; |
There was a problem hiding this comment.
Do we currently mention the gs://gatk-nightly-builds bucket anywhere in our README? If not can we mention it?
.travis.yml
Outdated
| @@ -175,16 +175,24 @@ after_success: | |||
| fi; | |||
|
|
|||
| # This creates and uploads the gatk zip file to the nightly build bucket, only keeping the 10 newest entries | |||
| # This also pokes the Dockerhub web api which is securely stored in the travis API with the variable "DOCKERHUB_URL" | |||
| # This also constructs the Docker image and uploads it to https://cloud.docker.com/u/broadinstitute/repository/docker/broadinstitute/gatk-nightly/ | |||
There was a problem hiding this comment.
Can we mention the nightly dockerhub repo in our README (if we don't already)?
There was a problem hiding this comment.
Its already mentioned. I added a line about the nightly zip folder in there.
.travis.yml
Outdated
| - if [[ $TRAVIS_BRANCH == master && $TRAVIS_EVENT_TYPE == cron && $UPLOAD == true ]]; then | ||
| docker login --username=$DOCKER_SERVICE_LOGIN --password=$DOCKER_SERVICE_PASS; |
There was a problem hiding this comment.
Are the values of these variables properly secured in travis?
There was a problem hiding this comment.
Yes, if you go into settings on travis you can see them. There is no way to extract the plaintext for the password (louis entered the username as unsecured). Furthermore perusing the logs it doesn't expose it when I type that command. Travis internally hides these variable names from the logs through some magic as well.
.travis.yml
Outdated
| echo "Triggering an automatic build on dockerhub"; | ||
| curl -H "Content-Type:application/json" --data '{"build":true}' -X POST ${DOCKERHUB_URL}; | ||
|
|
||
| sudo bash build_docker.sh -e ${TRAVIS_COMMIT} -s -u; |
There was a problem hiding this comment.
Does this need to be run as root? If not, can you change this?
There was a problem hiding this comment.
Also, should you be specifying a staging dir via -d, or did you deliberately want to use the working dir?
There was a problem hiding this comment.
The working dir in this case saves us having to pull from lfs again. The travis environment is also essentially an untouched gatk repo at this point anyway.
.travis.yml
Outdated
| $GCLOUD_HOME/gcloud components -q update gsutil; | ||
| gsutil ls -l gs://gatk-nightly-builds | grep gatk | sort -r -k 2 | grep -o '\S\+$' | tail -n +11 | xargs -I {} gsutil rm {}; | ||
| ./gradlew bundle; | ||
| ZIP_FILE="$(ls build/ | grep .zip)"; | ||
| ZIP_FILE="$(ls build/ | grep SNAPSHOT.zip)"; |
There was a problem hiding this comment.
I think this grep will fail if we happen to be on a commit in master with a tag (eg., we are on version 4.1.0.0 exactly). Can you just grep for a zip file that starts with "gatk" instead?
.travis.yml
Outdated
| curl -H "Content-Type:application/json" --data '{"build":true}' -X POST ${DOCKERHUB_URL}; | ||
|
|
||
| sudo bash build_docker.sh -e ${TRAVIS_COMMIT} -s -u; | ||
| DOCKER_TAG=$(docker images -q | head -n 1); |
There was a problem hiding this comment.
Is this guaranteed to be in the right order?
There was a problem hiding this comment.
Yes. It only builds one docker image on this machine (it will have downloaded the base image but its in descending order by newest)
.travis.yml
Outdated
|
|
||
| sudo bash build_docker.sh -e ${TRAVIS_COMMIT} -s -u; | ||
| DOCKER_TAG=$(docker images -q | head -n 1); | ||
| DATE=`date +%Y-%m-%d`; |
There was a problem hiding this comment.
Be consistent in your command substitution convention (backticks vs. $() )
.travis.yml
Outdated
| sudo bash build_docker.sh -e ${TRAVIS_COMMIT} -s -u; | ||
| DOCKER_TAG=$(docker images -q | head -n 1); | ||
| DATE=`date +%Y-%m-%d`; | ||
| DOCKER_UPLOAD=broadinstitute/gatk-nightly:$DATE-$(git describe)-SNAPSHOT; |
There was a problem hiding this comment.
Perhaps this should end in -NIGHTLY-SNAPSHOT?
There was a problem hiding this comment.
Also, rename DOCKER_UPLOAD to DOCKER_NIGHTLY_TAG
There was a problem hiding this comment.
Okay, its inconsistent with the previous syntax but only a handful of people use these so its probably fine chaning things up
.travis.yml
Outdated
| DATE=`date +%Y-%m-%d`; | ||
| DOCKER_UPLOAD=broadinstitute/gatk-nightly:$DATE-$(git describe)-SNAPSHOT; | ||
|
|
||
| echo "Pushing Docker image"; |
There was a problem hiding this comment.
Pushing nightly docker image
|
@droazen responded to your comments |
| @@ -103,7 +103,7 @@ releases of the toolkit. | |||
|
|
|||
| You can download and run pre-built versions of GATK4 from the following places: | |||
|
|
|||
| * A zip archive with everything you need to run GATK4 can be downloaded for each release from the [github releases page](https://github.com/broadinstitute/gatk/releases). | |||
| * A zip archive with everything you need to run GATK4 can be downloaded for each release from the [github releases page](https://github.com/broadinstitute/gatk/releases). We also host unstable archives generated nightly in the Google bucket gs://gatk-nightly-builds. | |||
There was a problem hiding this comment.
Do nightly builds ever age away or is dockerhub hosting all of our builds for all eternity?
There was a problem hiding this comment.
They just sit forever I believe. Its smart about compressing them/reusing layers but it doesn't seem like dockerhubs pricing scheme cares about the number of images hosted compared the the number of repositories but I could be wrong about that.
.travis.yml
Outdated
| $GCLOUD_HOME/gcloud components -q update gsutil; | ||
| gsutil ls -l gs://gatk-nightly-builds | grep gatk | sort -r -k 2 | grep -o '\S\+$' | tail -n +11 | xargs -I {} gsutil rm {}; | ||
| ./gradlew bundle; | ||
| ZIP_FILE="$(ls build/ | grep .zip)"; | ||
| ZIP_FILE="$(ls build/ | grep '^gatk.*.zip$' | grep -iv python)"; |
There was a problem hiding this comment.
One other option... we could make building /pushing the docker a gradle command. Probably best saved for another time though.
There was a problem hiding this comment.
Thats not a bad idea. There are some nuances that wold be a bit of a pain to resolve
.travis.yml
Outdated
|
|
||
| echo "Pushing Nightly Docker image"; | ||
| docker tag $DOCKER_TAG $DOCKER_NIGHTLY_TAG; | ||
| docker push $DOCKER_NIGHTLY_TAG; |
There was a problem hiding this comment.
Can we push these to our gcr test repo as well?
There was a problem hiding this comment.
Having a discussion about this with @droazen I think we should do this in a separate PR.
|
@droazen do you have any final thoughts on this branch? I would like to get this in so I can reactivate the cron job tonight |
Resolves #4965